Summary:
Simply and reliably end-to-end encrypted and anonymized emails, which are particularly suitable for daily use. Encrypting, as well as anonymization, take place automatically: there are no requirements for passwords and encryption procedures. A small fee for sending emails is effective in preventing the participation of spam emails.

Full Description:
The technique to be presented is known as the ”New Email System” (abbreviation: NES) and has a German patent with the title ”Technique for the encryption and decryption of emails with billable transmission via an email service provider”. The patent essentially contains the methods for to devide emails, letter for letter, number for number, into two parts before being sent so that they can be automatically encrypted in a relatively simple manner. The transmission of the individual ”part” emails is forced to be sent via two separate routes. This results in an end-to-end encryption that is not able to be interrupted at any point of the email transmission process. Only upon receipt of both part emails on the behalf of the adressee can they be put back together, decrypted and read again.

Preliminary Remarks
Emails should offer as much protection as their predecessor: the ”analogue” letter – written on paper, placed and sent in a sealed envelope, and in this way protected from the unwanted exposure of content. Even if it is not completely secure, this has allowed the letter/postal system to preserve itself until now. A comparable email system that is simple, yet secure and especially suited for daily use could make sure that such communication is not as easily compromised.

Due to in part recent incidents regarding issues of privacy of data, most users would welcome an end-to-end encryption system for emails provided that the ease of use were improved significantly. And, known instances of snooping and data collection have shown that a veiling, or better, an anonymization of who communicates with whom would help to better protect privacy.

A correspondingly improved and yet suitable-for-daily use email system would include the following features in order to ensure that email users both accept it and like to use it:

• Writing, sending and archiving emails must be as simple as it has been until now.
• An email must remain encrypted along its entire route, uninterrupted – from the sender to the recipient. No one, from an email service provider to any other type of institution, should be able to access the content of a message.
• Existing email adresses and programs must remain useable as before.
• Encryption, as well as anonymization, must take place automatically. The user must not notice anything, put anything extra into use or perform any additional administrative tasks.
• Encrypted messages must be able to be delivered to every valid email address, worldwide, without any additional formalities. On the side of the recipient, it should be possible to simply and quickly decrypt and read emails.
• The software that carries out these procedures – encryption, anonymization and decryption of emails – must at all times be available online, free of cost. The installation of the programm on the user’s computer should take place automatically, without significant assistance on the user‘s behalf.

With the seperation of an email into two pieces, which are sent along two separate routes, a comfortable end-to-end encryption can be achieved. Writing and sending an email in NES systems as we have come to know it should remain just as simple as it was before. It will not be necessary to master any encryption procedures, not will it be a requirement to input any passwords at any point throughout the process. However, emails and accounts will remain protected from abuses of privacy: an PGP encrypted identification process will take place automatically in the background upon sending an email, making sure that only intended beneficiaries have access.

An equally important element of the procedure is the processing transportation cost; this cost is applicable for every email, and is to be billed in advance, i.e. $ 0.002 per transaction. The fee is on the one hand required for the financing of the NES email system and on the other hand to keep it free from abuse: spam emails will be omitted, as the fee is to be paid in advance, and also due to the fact the identification required for advertising emails does not suit the typical business model of such entities.

Furthermore, this procedure makes it possible for the appropriate information regarding the sender of the message to remain invisible on the way to the recipient. Only a virtual sender address will be at first recognizable (in the header, as well). Upon receipt of the message by the intended party the actual email address of the sender will become once again visible.

Specifications
For the operation of the NES, it is necessary to set up an ”Email Exchange Center” (abbreviation: EEC) that assures the smooth execution of email dispatching. Secondly, an additional program will be provided free of charge to all users which expands the capabilities of their current email programs to those needed by this particular procedure. This includes, primarily, the supplementary software that separates one email into two partial emails (included the subject line and annexes, if applicable), letter-by-letter, digit-by-digit (annexes are divided digit-by-digit or pixel-by-pixel; depending on the specific nature of the files).

Even removing and re-inserting the recipient and sender details in the partial emails in the ”visible” part, as well as in the header are a part of the security procedure. Partial email 1 contains the real address of the email recipient, but a fake, or virtual sender’s address; on the other hand, partial email 2 contains also a fake, or virtual sender’s address, and for this the address of the EEC. The respective halves of the correct sender’s address must be suitably located in both parts of the separated email.

Furthermore, the public PGP key of the EEC must be pre-installed in the provided compementary software, or be otherwise available, to secure communication between senders and the EEC and in order to carry out PGP encrypted communication. – A PGP encrypted password given by the EEC must be forwarded to the user’s computer before the transmission of every email. At the moment an email is sent, the current transaction number, date and time of the previous transaction, and partial email 2 must be – automated with the public PGP key of the EEC and then encrypted – dispatched to the EEC. It is sufficient that the supplementary software contains the public PGP key belonging to the EEC so that it may handle it according (and, therefore not the user themself). The thusly-encrypted information can only be decrypted by the EEC itself with its own private PGP key, with which the legetimacy of the email-sender is checked and all other tasks can be carried out.

A recipient of a NES email that does not yet have the supplemental software is informed upon receipt by the EEC as to how the message can be decrypted and opened. The recipient is then directed to download a ”small version” of the supplementary software in order to access the full email and its contents; there are no further requirements. Should the supplementary software be required, it should install automatically so that a layperson does not experience any difficulties and thereby easily access the email sent to them; as long as the supplementary software is kept on the computer, it should be sufficient to open up other such emails in the future. If this same user wants to send encrypted emails in the future, he must simply sign up with the EEC in order to get the ”full version” of the supplementary software. Should the user not download and use the supplementary software, a notification should come back to them from the EEC that the email has been returned to sender and must either be resent via the ”old” email system, unencrypted, or that the supplementary software must be downloaded and installed.

After writing a NES email, the dispatch command for the message at hand sets the following operations into motion, unnoticed by the sender:

1. The separation of the email (including subject line) into partial emails 1 und 2; potential attachments must also be divided amongst emails 1 and 2,
2. Replacing the sender’s address with two differing virtual/fake sender’s addresses for both partial email 1 and email 2 (in the visible part, as well in the header),
3. The addition of one half of the return address per partial email,
4. The sending of partial email 1 on a direct route to the intended recipient (TLS encrypted),
5. The addition of the EEC’s address in partial email 2 and the ”preliminary” recipient’s address (the ”diversion” of partial email 2, while simultaneously concealing the correct email recipient),
6. An automated, PGP encrypted identification, information and transfer operation on behalf of the email sender to the EEC; this information must always be encrypted with the EEC’s public PGP key, or are rather encrypted with the key provided by the supplementary software, and can only be decrypted using the private PGP key from the EEC,
6.a. Sending the identification data, particulary the user password, that only the user’s computer and the email exchange center share as a ”common secret” (with which the EEC also recognizes the email address of the sender), the newest transaction number, and the date and time of the previous transaction,
6.b. Sending of the email recipient’s address, which must first be used by the EEC in partial email 2 before it is forwarded to the intended recipient,
6.c. Sending of partial email 2.

The EEC will for its part carry out the following operations:

7. PGP decryption (with the EEC’s private key) of both partial email 2 and the identification, information and transfer process of the data the have been received by the sender of the email,
8. The inspection for the correctness of the received user password, the current transaction number, date and time of the previous transaction, as well as the allocation of appropriate user account data,
9. The re-addressing of partial email 2 with the obtained recipient email address,
10. The sending of partial email 2 to the recipient (TLS encrypted):
10.a. Only relevant for not yet participating email recipients (TLS encrypted): Information from the recipient of an email through the receipt of an email from the NES that the software for the decryption and opening of the email can be immediately downloaded and used,
10.b. Upon failed requests for the supplementary software: Notification of the email recipient that the message will be sent back and a notification to sender that the message should be sent again through the ”old” email system,
10.c. Upon request of the supplementary software, instant installation on the recipient’s computer, whereupon the received email appears in the inbox window with the correct email sender and is able to be opened. At this time, partial emails 1 and 2 will be put together, unnoticed by the repicient. With the reversal of the email separation process, the email is in essence reproduced. In the same fashion, the sender’s information will also be recompiled and become visible to the recipient.
11. Feedback (TLS encrypted) to the sender of the email: display of the fee for the email, current account balance, as well as the new user password (which has been encrypted with the public PGP key from the EEC).

Problem this idea/invention addresses:
Email end-to-end encryption is still far too complicated for the users. But using the new email system, writing and sending of end-to-end encrypted emails is as simple as sending unencrypted emails. And, moreover, the participation of spam emails is prevented.